
CVSS: 10.0 • EPSS: 0% • CPEs: 2 • EXPL: 0

29 Jan 2024 — Improper Input Validation vulnerability in the upload functionality for user avatars allows functionality misuse due to a missing check of file types. This issue affects OTRS: from 7.0.X through 7.0.48, from 8.0.X through 8.0.37, from 2023 through 2023.1.1. • https://otrs.com/release-notes/otrs-security-advisory-2024-01 • CWE-20: Improper Input Validation • CWE-354: Improper Validation of Integrity Check Value •

CVSS: 7.8 • EPSS: 0% • CPEs: 2 • EXPL: 0

29 Jan 2024 — Insertion of debug information into the log file while building the Elasticsearch index allows reading of sensitive information from articles. This issue affects OTRS: from 7.0.X through 7.0.48, from 8.0.X through 8.0.37, from 2023.X through 2023.1.1. • https://otrs.com/release-notes/otrs-security-advisory-2024-02 • CWE-532: Insertion of Sensitive Information into Log File •

CVSS: 6.8 • EPSS: 0% • CPEs: 2 • EXPL: 0

29 Jan 2024 — When adding attachments to ticket comments, another user can also add attachments, impersonating the original user. The attack requires a different logged-in user who knows the UUID. While the legitimate user completes the comment, the malicious user can add more files to the comment. This issue affects OTRS: from 7.0.X through 7.0.48, from 8.0.X through 8.0.37, from 2023.X through 2023.1.1. • https://otrs.com/release-notes/otrs-security-advisory-2024-03 • CWE-287: Improper Authentication •

CVSS: 5.5 • EPSS: 0% • CPEs: 3 • EXPL: 0

16 Oct 2023 — An attacker who is logged into OTRS as a user with privileges to create and change customer user data may manipulate the CustomerID field to execute JavaScript code that runs immediately after the data is saved. The issue only occurs if the configuration for AdminCustomerUser::UseAutoComplete was changed beforehand. This issue affects OTRS: from 7.0.X before 7.0.47, from 8.0.X before 8.0.37; ((OTRS)) Community Edition: from 6.0.X through 6.0.34. • https://otrs.com/release-notes/otrs-security-advisory-2023-09 • CWE-20: Improper Input Validation • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.3 • EPSS: 0% • CPEs: 3 • EXPL: 0

16 Oct 2023 — The loading of external images is not blocked, even if configured, when the attacker uses a protocol-relative URL in the payload. This can be used to retrieve the IP address of the user. This issue affects OTRS: from 7.0.X before 7.0.47, from 8.0.X before 8.0.37; ((OTRS)) Community Edition: from 6.0.X through 6.0.34. • https://otrs.com/release-notes/otrs-security-advisory-2023-08 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 9.4 • EPSS: 0% • CPEs: 3 • EXPL: 0

16 Oct 2023 — The functions that fetch e-mail via POP3 or IMAP, as well as those that send e-mail via SMTP, use OpenSSL for static SSL- or TLS-based communication. As the SSL_get_verify_result() function is not used, the certificate is always trusted and it cannot be ensured that the certificate satisfies all necessary security requirements. This could allow an attacker to use an invalid certificate to claim to be a trusted host, use expired certificates, or conduct other attacks that could be detected if the certificate is properly... • https://otrs.com/release-notes/otrs-security-advisory-2023-10 • CWE-295: Improper Certificate Validation •

CVSS: 9.0 • EPSS: 0% • CPEs: 3 • EXPL: 0

24 Jul 2023 — Improper Input Validation vulnerability in the ContentType parameter for attachments on TicketCreate or TicketUpdate operations of the OTRS Generic Interface modules allows any authenticated attacker to perform a host header injection for the ContentType header of the attachment. This issue affects OTRS: from 7.0.X before 7.0.45, from 8.0.X before 8.0.35; ((OTRS)) Community Edition: from 6.0.1 through 6.0.34. • https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html • CWE-20: Improper Input Validation • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •

CVSS: 8.3 • EPSS: 0% • CPEs: 3 • EXPL: 0

24 Jul 2023 — Improper Neutralization of commands allowed to be executed via the OTRS System Configuration, e.g. SchedulerCronTaskModule using UnitTests modules, allows any authenticated attacker with admin privileges local execution of code. This issue affects OTRS: from 7.0.X before 7.0.45, from 8.0.X before 8.0.35; ((OTRS)) Community Edition: from 6.0.1 through 6.0.34. • https://otrs.com/release-notes/otrs-security-advisory-2023-05 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 7.8 • EPSS: 0% • CPEs: 3 • EXPL: 0

20 Mar 2023 — Improper Input Validation vulnerability in OTRS AG OTRS (ACL modules), OTRS AG ((OTRS)) Community Edition (ACL modules) allows Local Execution of Code. When creating/importing an ACL it was possible to inject code that gets executed via manipulated comments and ACL names. This issue affects OTRS: from 7.0.X before 7.0.42, from 8.0.X before 8.0.31; ((OTRS)) Community Edition: from 6.0.1 through 6.0.34. • https://otrs.com/release-notes/otrs-security-advisory-2023-02 • CWE-20: Improper Input Validation • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 6.4 • EPSS: 0% • CPEs: 2 • EXPL: 0

20 Mar 2023 — Improper Input Validation vulnerability in OTRS AG OTRS (Ticket Actions modules), OTRS AG ((OTRS)) Community Edition (Ticket Actions modules) allows Cross-Site Scripting (XSS). This issue affects OTRS: from 7.0.X before 7.0.42; ((OTRS)) Community Edition: from 6.0.1 through 6.0.34. • https://otrs.com/release-notes/otrs-security-advisory-2023-01 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •